~ubuntu-branches/ubuntu/trusty/puppet/trusty

Viewing changes to .pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/file_bucket_file/file.rb

Committer: Package Import Robot
Author(s): Robie Basak
Date: 2013-04-08 15:03:25 UTC
mfrom: (3.1.46 sid)
Revision ID: package-import@ubuntu.com-20130408150325-4o91hljzz2zca5fi

Tags: 2.7.18-4ubuntu1

* Merge from Debian unstable. This merges the vim addon fix in 2.7.18-2
  (LP: #1163927). Remaining changes:
  - debian/puppetmaster-passenger.postinst: Make sure we error if puppet
    config print doesn't work
  - debian/puppetmaster-passenger.postinst: Ensure upgrades from
    <= 2.7.11-1 fixup passenger apache configuration.
  - Drop Build-Depends on ruby-rspec (in universe):
    + debian/control: remove ruby-rspec from Build-Depends
    + debian/patches/no-rspec.patch: make Rakefile work anyway if rspec
      isn't installed so we can use it in debian/rules.
* Drop upstreamed patches:
  - debian/patches/security-mar-2013.patch

files added:
.pc/2.7.18-CVE-Rollup.patch

.pc/2.7.18-CVE-Rollup.patch/acceptance

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-1640_facter_string.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-1652_improper_query_params.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-1652_poison_other_node_cache.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-1653_puppet_kick.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-1654_sslv2_downgrade_agent.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-1654_sslv2_downgrade_master.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-1655_safe_yaml_deserialization.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-2274_all_your_agent_terminii_belong_to_us.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-2274_all_your_master_terminii_belong_to_us.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-2275_report_acl.rb

.pc/2.7.18-CVE-Rollup.patch/conf

.pc/2.7.18-CVE-Rollup.patch/conf/auth.conf

.pc/2.7.18-CVE-Rollup.patch/lib

.pc/2.7.18-CVE-Rollup.patch/lib/puppet

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/catalog

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/catalog/compiler.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/certificate_status

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/certificate_status/file.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/errors.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/file_bucket_file

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/file_bucket_file/file.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/file_bucket_file/selector.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/indirection.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/request.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/resource

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/resource/active_record.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/resource/ral.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/resource/store_configs.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/resource/validator.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/rest.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/run

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/run/local.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/terminus.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/formats.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/handler

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/handler/master.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/handler/report.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/http

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/http/handler.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/http/rack

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/http/rack/rest.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/http/webrick.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/rest_authconfig.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/parser

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/parser/templatewrapper.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/util

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/util/monkey_patches.rb

.pc/2.7.18-CVE-Rollup.patch/spec

.pc/2.7.18-CVE-Rollup.patch/spec/integration

.pc/2.7.18-CVE-Rollup.patch/spec/integration/indirector

.pc/2.7.18-CVE-Rollup.patch/spec/integration/indirector/catalog

.pc/2.7.18-CVE-Rollup.patch/spec/integration/indirector/catalog/compiler_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/integration/indirector/catalog/queue_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/integration/resource

.pc/2.7.18-CVE-Rollup.patch/spec/integration/resource/catalog_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit

.pc/2.7.18-CVE-Rollup.patch/spec/unit/indirector

.pc/2.7.18-CVE-Rollup.patch/spec/unit/indirector/catalog

.pc/2.7.18-CVE-Rollup.patch/spec/unit/indirector/catalog/compiler_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/indirector/indirection_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/indirector/request_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/indirector/terminus_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/formats_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/http

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/http/handler_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/http/rack

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/http/rack/rest_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/http/webrick_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/http_pool_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/rest_authconfig_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/parser

.pc/2.7.18-CVE-Rollup.patch/spec/unit/parser/functions

.pc/2.7.18-CVE-Rollup.patch/spec/unit/parser/functions/inline_template_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/parser/functions/template_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/parser/templatewrapper_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/ssl

.pc/2.7.18-CVE-Rollup.patch/spec/unit/ssl/certificate_request_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/ssl/host_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/util

.pc/2.7.18-CVE-Rollup.patch/spec/unit/util/monkey_patches_spec.rb

.pc/2.7.x-unit-test-fix.patch

.pc/2.7.x-unit-test-fix.patch/test

.pc/2.7.x-unit-test-fix.patch/test/language

.pc/2.7.x-unit-test-fix.patch/test/language/snippets.rb

.pc/fix-symlink-1-ee4c6f7c697737aa919b9f90436ab0cc69934b03

.pc/fix-symlink-1-ee4c6f7c697737aa919b9f90436ab0cc69934b03/spec

.pc/fix-symlink-1-ee4c6f7c697737aa919b9f90436ab0cc69934b03/spec/integration

.pc/fix-symlink-1-ee4c6f7c697737aa919b9f90436ab0cc69934b03/spec/integration/type

.pc/fix-symlink-1-ee4c6f7c697737aa919b9f90436ab0cc69934b03/spec/integration/type/file_spec.rb

.pc/fix-symlink-2-1b0e812ad9e33b3cc148fac30a28490f60f40c63

.pc/fix-symlink-2-1b0e812ad9e33b3cc148fac30a28490f60f40c63/lib

.pc/fix-symlink-2-1b0e812ad9e33b3cc148fac30a28490f60f40c63/lib/puppet

.pc/fix-symlink-2-1b0e812ad9e33b3cc148fac30a28490f60f40c63/lib/puppet/type

.pc/fix-symlink-2-1b0e812ad9e33b3cc148fac30a28490f60f40c63/lib/puppet/type/file

.pc/fix-symlink-2-1b0e812ad9e33b3cc148fac30a28490f60f40c63/lib/puppet/type/file/source.rb

.pc/fix-symlink-3-3a00ed468617c17b5a527c68cfc37d7d1fddaa72

.pc/fix-symlink-3-3a00ed468617c17b5a527c68cfc37d7d1fddaa72/spec

.pc/fix-symlink-3-3a00ed468617c17b5a527c68cfc37d7d1fddaa72/spec/unit

.pc/fix-symlink-3-3a00ed468617c17b5a527c68cfc37d7d1fddaa72/spec/unit/type

.pc/fix-symlink-3-3a00ed468617c17b5a527c68cfc37d7d1fddaa72/spec/unit/type/file

.pc/fix-symlink-3-3a00ed468617c17b5a527c68cfc37d7d1fddaa72/spec/unit/type/file/source_spec.rb

.pc/fix-symlink-4-1d8a76e060f610a9db20cf1bdd4ff95dddba9309

.pc/fix-symlink-4-1d8a76e060f610a9db20cf1bdd4ff95dddba9309/acceptance

.pc/fix-symlink-4-1d8a76e060f610a9db20cf1bdd4ff95dddba9309/acceptance/tests

.pc/fix-symlink-4-1d8a76e060f610a9db20cf1bdd4ff95dddba9309/acceptance/tests/resource

.pc/fix-symlink-4-1d8a76e060f610a9db20cf1bdd4ff95dddba9309/acceptance/tests/resource/file

.pc/fix-symlink-4-1d8a76e060f610a9db20cf1bdd4ff95dddba9309/acceptance/tests/resource/file/ticket_7680-follow-symlinks.rb

acceptance/tests/resource

acceptance/tests/resource/file

acceptance/tests/resource/file/ticket_7680-follow-symlinks.rb

debian/patches/2.7.18-CVE-Rollup.patch

debian/patches/2.7.x-unit-test-fix.patch

debian/patches/fix-symlink-1-ee4c6f7c697737aa919b9f90436ab0cc69934b03

debian/patches/fix-symlink-2-1b0e812ad9e33b3cc148fac30a28490f60f40c63

debian/patches/fix-symlink-3-3a00ed468617c17b5a527c68cfc37d7d1fddaa72

debian/patches/fix-symlink-4-1d8a76e060f610a9db20cf1bdd4ff95dddba9309

files removed:
.pc/security-mar-2013.patch

.pc/security-mar-2013.patch/acceptance

.pc/security-mar-2013.patch/acceptance/tests

.pc/security-mar-2013.patch/acceptance/tests/security

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-1640_facter_string.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-1652_improper_query_params.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-1652_poison_other_node_cache.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-1653_puppet_kick.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-1654_sslv2_downgrade_agent.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-1654_sslv2_downgrade_master.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-1655_safe_yaml_deserialization.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-2274_all_your_agent_terminii_belong_to_us.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-2274_all_your_master_terminii_belong_to_us.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-2275_report_acl.rb

.pc/security-mar-2013.patch/conf

.pc/security-mar-2013.patch/conf/auth.conf

.pc/security-mar-2013.patch/lib

.pc/security-mar-2013.patch/lib/puppet

.pc/security-mar-2013.patch/lib/puppet/indirector

.pc/security-mar-2013.patch/lib/puppet/indirector/catalog

.pc/security-mar-2013.patch/lib/puppet/indirector/catalog/compiler.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/certificate_status

.pc/security-mar-2013.patch/lib/puppet/indirector/certificate_status/file.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/errors.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/file_bucket_file

.pc/security-mar-2013.patch/lib/puppet/indirector/file_bucket_file/file.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/file_bucket_file/selector.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/indirection.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/request.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/resource

.pc/security-mar-2013.patch/lib/puppet/indirector/resource/active_record.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/resource/ral.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/resource/store_configs.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/resource/validator.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/rest.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/run

.pc/security-mar-2013.patch/lib/puppet/indirector/run/local.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/terminus.rb

.pc/security-mar-2013.patch/lib/puppet/network

.pc/security-mar-2013.patch/lib/puppet/network/formats.rb

.pc/security-mar-2013.patch/lib/puppet/network/handler

.pc/security-mar-2013.patch/lib/puppet/network/handler/master.rb

.pc/security-mar-2013.patch/lib/puppet/network/handler/report.rb

.pc/security-mar-2013.patch/lib/puppet/network/http

.pc/security-mar-2013.patch/lib/puppet/network/http/handler.rb

.pc/security-mar-2013.patch/lib/puppet/network/http/rack

.pc/security-mar-2013.patch/lib/puppet/network/http/rack/rest.rb

.pc/security-mar-2013.patch/lib/puppet/network/http/webrick.rb

.pc/security-mar-2013.patch/lib/puppet/network/rest_authconfig.rb

.pc/security-mar-2013.patch/lib/puppet/parser

.pc/security-mar-2013.patch/lib/puppet/parser/templatewrapper.rb

.pc/security-mar-2013.patch/lib/puppet/util

.pc/security-mar-2013.patch/lib/puppet/util/monkey_patches.rb

.pc/security-mar-2013.patch/spec

.pc/security-mar-2013.patch/spec/integration

.pc/security-mar-2013.patch/spec/integration/indirector

.pc/security-mar-2013.patch/spec/integration/indirector/catalog

.pc/security-mar-2013.patch/spec/integration/indirector/catalog/compiler_spec.rb

.pc/security-mar-2013.patch/spec/integration/indirector/catalog/queue_spec.rb

.pc/security-mar-2013.patch/spec/integration/resource

.pc/security-mar-2013.patch/spec/integration/resource/catalog_spec.rb

.pc/security-mar-2013.patch/spec/unit

.pc/security-mar-2013.patch/spec/unit/indirector

.pc/security-mar-2013.patch/spec/unit/indirector/catalog

.pc/security-mar-2013.patch/spec/unit/indirector/catalog/compiler_spec.rb

.pc/security-mar-2013.patch/spec/unit/indirector/indirection_spec.rb

.pc/security-mar-2013.patch/spec/unit/indirector/request_spec.rb

.pc/security-mar-2013.patch/spec/unit/indirector/terminus_spec.rb

.pc/security-mar-2013.patch/spec/unit/network

.pc/security-mar-2013.patch/spec/unit/network/formats_spec.rb

.pc/security-mar-2013.patch/spec/unit/network/http

.pc/security-mar-2013.patch/spec/unit/network/http/handler_spec.rb

.pc/security-mar-2013.patch/spec/unit/network/http/rack

.pc/security-mar-2013.patch/spec/unit/network/http/rack/rest_spec.rb

.pc/security-mar-2013.patch/spec/unit/network/http/webrick_spec.rb

.pc/security-mar-2013.patch/spec/unit/network/http_pool_spec.rb

.pc/security-mar-2013.patch/spec/unit/network/rest_authconfig_spec.rb

.pc/security-mar-2013.patch/spec/unit/parser

.pc/security-mar-2013.patch/spec/unit/parser/functions

.pc/security-mar-2013.patch/spec/unit/parser/functions/inline_template_spec.rb

.pc/security-mar-2013.patch/spec/unit/parser/functions/template_spec.rb

.pc/security-mar-2013.patch/spec/unit/parser/templatewrapper_spec.rb

.pc/security-mar-2013.patch/spec/unit/ssl

.pc/security-mar-2013.patch/spec/unit/ssl/certificate_request_spec.rb

.pc/security-mar-2013.patch/spec/unit/ssl/host_spec.rb

.pc/security-mar-2013.patch/spec/unit/util

.pc/security-mar-2013.patch/spec/unit/util/monkey_patches_spec.rb

.pc/security-mar-2013.patch/test

.pc/security-mar-2013.patch/test/language

.pc/security-mar-2013.patch/test/language/snippets.rb

debian/patches/security-mar-2013.patch

files modified:
.pc/applied-patches

debian/changelog

debian/patches/series

debian/vim-puppet.install

debian/vim-puppet.yaml

lib/puppet/type/file/source.rb

spec/integration/type/file_spec.rb

spec/unit/type/file/source_spec.rb

Show diffs side-by-side

added added

removed removed

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/file_bucket_file/file.rb

require 'puppet/indirector/code'

require 'puppet/file_bucket/file'

require 'puppet/util/checksums'

require 'fileutils'

module Puppet::FileBucketFile

class File < Puppet::Indirector::Code

include Puppet::Util::Checksums

desc "Store files in a directory set based on their checksums."

def initialize

Puppet.settings.use(:filebucket)

end

def find( request )

checksum, files_original_path = request_to_checksum_and_path( request )

dir_path = path_for(request.options[:bucket_path], checksum)

file_path = ::File.join(dir_path, 'contents')

return nil unless ::File.exists?(file_path)

return nil unless path_match(dir_path, files_original_path)

if request.options[:diff_with]

hash_protocol = sumtype(checksum)

file2_path = path_for(request.options[:bucket_path], request.options[:diff_with], 'contents')

raise "could not find diff_with #{request.options[:diff_with]}" unless ::File.exists?(file2_path)

return `diff #{file_path.inspect} #{file2_path.inspect}`

else

contents = IO.binread(file_path)

Puppet.info "FileBucket read #{checksum}"

model.new(contents)

end

def head(request)

checksum, files_original_path = request_to_checksum_and_path(request)

dir_path = path_for(request.options[:bucket_path], checksum)

::File.exists?(::File.join(dir_path, 'contents')) and path_match(dir_path, files_original_path)

end

def save( request )

instance = request.instance

checksum, files_original_path = request_to_checksum_and_path(request)

save_to_disk(instance, files_original_path)

instance.to_s

end

private

def path_match(dir_path, files_original_path)

return true unless files_original_path # if no path was provided, it's a match

paths_path = ::File.join(dir_path, 'paths')

return false unless ::File.exists?(paths_path)

::File.open(paths_path) do |f|

f.each_line do |line|

return true if line.chomp == files_original_path

end

return false

end

def save_to_disk( bucket_file, files_original_path )

filename = path_for(bucket_file.bucket_path, bucket_file.checksum_data, 'contents')

dir_path = path_for(bucket_file.bucket_path, bucket_file.checksum_data)

paths_path = ::File.join(dir_path, 'paths')

# If the file already exists, do nothing.

if ::File.exist?(filename)

verify_identical_file!(bucket_file)

else

# Make the directories if necessary.

unless ::File.directory?(dir_path)

Puppet::Util.withumask(0007) do

::FileUtils.mkdir_p(dir_path)

end

Puppet.info "FileBucket adding #{bucket_file.checksum}"

# Write the file to disk.

Puppet::Util.withumask(0007) do

::File.open(filename, ::File::WRONLY|::File::CREAT, 0440) do |of|

of.binmode

of.print bucket_file.contents

end

::File.open(paths_path, ::File::WRONLY|::File::CREAT, 0640) do |of|

# path will be written below

end

unless path_match(dir_path, files_original_path)

::File.open(paths_path, 'a') do |f|

f.puts(files_original_path)

end

100

end

101

102

def request_to_checksum_and_path( request )

103

checksum_type, checksum, path = request.key.split(/\//, 3)

104

if path == '' # Treat "md5/<checksum>/" like "md5/<checksum>"

105

path = nil

106

end

107

raise "Unsupported checksum type #{checksum_type.inspect}" if checksum_type != 'md5'

108

raise "Invalid checksum #{checksum.inspect}" if checksum !~ /^[0-9a-f]{32}$/

109

[checksum, path]

110

end

111

112

def path_for(bucket_path, digest, subfile = nil)

113

bucket_path ||= Puppet[:bucketdir]

114

115

dir = ::File.join(digest[0..7].split(""))

116

basedir = ::File.join(bucket_path, dir, digest)

117

118

return basedir unless subfile

119

::File.join(basedir, subfile)

120

end

121

122

# If conflict_check is enabled, verify that the passed text is

123

# the same as the text in our file.

124

def verify_identical_file!(bucket_file)

125

disk_contents = IO.binread(path_for(bucket_file.bucket_path, bucket_file.checksum_data, 'contents'))

126

127

# If the contents don't match, then we've found a conflict.

128

# Unlikely, but quite bad.

129

if disk_contents != bucket_file.contents

130

raise Puppet::FileBucket::BucketError, "Got passed new contents for sum #{bucket_file.checksum}"

131

else

132

Puppet.info "FileBucket got a duplicate file #{bucket_file.checksum}"

133

end

134

end

135

end

136

end

Older »